Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Metasploit
(Rapid7)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 17 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-11-06 | CVE-2019-5642 | Rapid7 Metasploit Pro version 4.16.0-2019081901 and prior suffers from an instance of CWE-732, wherein the unique server.key is written to the file system during installation with world-readable permissions. This can allow other users of the same system where Metasploit Pro is installed to intercept otherwise private communications to the Metasploit Pro web interface. | Metasploit | N/A | ||
| 2017-06-15 | CVE-2017-5244 | Routes used to stop running Metasploit tasks (either particular ones or all tasks) allowed GET requests. Only POST requests should have been allowed, as the stop/stop_all routes change the state of the service. This could have allowed an attacker to stop currently-running Metasploit tasks by getting an authenticated user to execute JavaScript. As of Metasploit 4.14.0 (Update 2017061301), the routes for stopping tasks only allow POST requests, which validate the presence of a secret token to... | Metasploit | 3.5 | ||
| 2017-03-02 | CVE-2017-5235 | Rapid7 Metasploit Pro installers prior to version 4.13.0-2017022101 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current working directory of the installer. | Metasploit | 7.8 | ||
| 2017-03-02 | CVE-2017-5231 | All editions of Rapid7 Metasploit prior to version 4.13.0-2017020701 contain a directory traversal vulnerability in the Meterpreter stdapi CommandDispatcher.cmd_download() function. By using a specially-crafted build of Meterpreter, it is possible to write to an arbitrary directory on the Metasploit console with the permissions of the running Metasploit instance. | Metasploit | 7.1 | ||
| 2017-03-02 | CVE-2017-5229 | All editions of Rapid7 Metasploit prior to version 4.13.0-2017020701 contain a directory traversal vulnerability in the Meterpreter extapi Clipboard.parse_dump() function. By using a specially-crafted build of Meterpreter, it is possible to write to an arbitrary directory on the Metasploit console with the permissions of the running Metasploit instance. | Metasploit | 7.1 | ||
| 2017-03-02 | CVE-2017-5228 | All editions of Rapid7 Metasploit prior to version 4.13.0-2017020701 contain a directory traversal vulnerability in the Meterpreter stdapi Dir.download() function. By using a specially-crafted build of Meterpreter, it is possible to write to an arbitrary directory on the Metasploit console with the permissions of the running Metasploit instance. | Metasploit | 7.1 | ||
| 2017-10-06 | CVE-2017-15084 | The web UI in Rapid7 Metasploit before 4.14.1-20170828 allows logout CSRF, aka R7-2017-22. | Metasploit | 6.5 |